The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill ingests data from external sources and the local codebase which may contain malicious instructions designed to influence the agent's planning output. -- Ingestion points: Local codebase files (Step 1) and external documentation retrieved via Context7 or MCP (Step 2). -- Boundary markers: None (Absent). There are no instructions to use delimiters or to ignore embedded instructions within the data being processed. -- Capability inventory: The skill writes to the filesystem (saving the plan as a markdown file) and spawns subagents for plan review, but does not perform direct code execution. -- Sanitization: None (Absent). No sanitization, escaping, or validation of the ingested data is described in the skill process.

swarm-planner